Website Auditor
Scoring Guide
The complete reference for how our free website auditor evaluates your site across 12 dimensions with 200+ factors. Every deduction, weight, and the composite algorithm β fully transparent.
All scores computed from HTML source, HTTP headers, and robots.txt β no external APIs, no AI inference.
How Scoring Works
Each dimension starts at 100 points. Points are deducted for missing elements, poor implementations, and security gaps. The composite score is a weighted average of all 12 dimensions.
Title Tag (50β60 chars)
The title tag is the single most important on-page SEO element. Google displays it as the clickable headline in search results. A missing or poorly sized title means lower click-through rates and weaker ranking signals.
Meta Description (140β160 chars)
Meta descriptions serve as your page's advertisement in search results. A compelling description within 140β160 characters dramatically improves click-through rates, which indirectly boosts rankings.
H1 Heading (single, keyword-rich)
The H1 is your page's main topic declaration. Search engines treat it as the strongest content signal after the title. Multiple H1s dilute topic focus; missing H1s leave engines guessing.
Heading Hierarchy (H1βH6)
A logical heading structure creates a content outline that search engines and screen readers follow. Skipped levels confuse crawlers about content relationships.
Canonical URL
The canonical tag tells search engines which version of a page is the "official" copy. Without it, duplicate content splits your ranking authority.
Open Graph Tags
Open Graph tags control how your page appears when shared on Facebook, LinkedIn, and other platforms. Complete OG tags ensure professional social previews.
Twitter/X Card Tags
Twitter Card meta tags determine your page's preview format on Twitter/X. The "summary_large_image" type generates the most engagement.
Primary Keyword Placement
Your primary keyword should appear in the H1, first paragraph, and URL slug β the triple-placement strategy sends the strongest relevance signal.
Keyword Density (0.5β2.5%)
Below 0.5% signals weak topical relevance; above 3% triggers keyword stuffing penalties. The 0.5β2.5% sweet spot confirms relevance without over-optimization.
E-E-A-T Signals
Google's E-E-A-T framework evaluates content credibility. We detect 10 indicators including about pages, author bios, testimonials, trust badges, and Person schema.
Readability (Flesch Score)
The Flesch Reading Ease score measures writing accessibility. A score of 60+ means a general audience can understand it; below 40 reduces dwell time.
Internal Link Density
Internal links distribute PageRank authority across your site. The optimal density is 2β5 internal links per 1,000 words.
Dofollow Outbound Links (2β5)
Linking to authoritative external sources with dofollow signals topical relevance. Zero outbound dofollow links looks unnatural; the 2β5 range is optimal.
Passive Voice Ratio
Active voice writing is clearer and easier for AI/voice assistants to extract. A passive voice ratio above 30% reduces user engagement and AI comprehension.
Table of Contents
For articles over 1,500 words, a Table of Contents with anchor links improves dwell time and enables jump-link rich results in Google.
Zero-Click Optimization
TL;DR blocks and definition-style lead paragraphs are the content patterns Google extracts for position-zero featured snippets.
Entity Salience
Strong entity mentions build topical authority signals that Google's Knowledge Graph uses to connect your page to real-world entities.
Binge-Worthy Signals
Related content sections and "Read Next" links keep users on your site longer. Google measures dwell time as a quality signal.
Social Share Buttons
Social sharing widgets encourage content distribution; the referral traffic and brand mentions contribute to overall domain authority.
OG Sharing Completeness
Checks og:locale, og:image dimensions (1200Γ630px), article timestamps, and WebP format for pixel-perfect previews across platforms.
URL Length (<75 chars)
Short, descriptive URLs are easier to share. Google truncates URLs over ~75 characters and excessively long URLs correlate with less authoritative pages.
External Links without rel
External links without rel="nofollow noopener noreferrer" leak PageRank authority and create security vulnerabilities (tabnabbing).
Redirect Chains
Each redirect in a chain adds 100β500ms of latency and dilutes PageRank by roughly 15% per hop.
SPA/JS Rendering
Client-side rendered SPAs may produce thin initial HTML that search engines cannot index. Server-side rendering ensures crawlers see your full content.
Anchor Text Diversity
Repetitive anchor text ("click here", "read more") wastes an opportunity to signal topic relevance to search engines.
Lang, Favicon, Robots Meta, Deprecated Tags
These foundational HTML elements ensure proper language targeting, brand recognition, crawler directives, and modern standards compliance.
Server Response Time
TTFB is the foundation of all page speed. A response over 2 seconds indicates server-side bottlenecks. Under 500ms is excellent.
Estimated LCP
LCP measures when the largest visible element finishes rendering. Google's threshold: under 2.5s is "good," over 4s is "poor."
Estimated CLS
CLS measures unexpected visual movement during loading. Google's threshold: under 0.1 is "good," over 0.25 is "poor."
Estimated INP
INP measures responsiveness β how quickly the page reacts to user input. Google's threshold: under 200ms is "good," over 500ms is "poor."
HTML Document Size
Excessively large HTML slows parsing. Documents over 500KB indicate bloated markup or missing code splitting.
Render-Blocking Scripts
Scripts in <head> without async/defer block HTML parsing. Converting to async/defer is one of the highest-impact performance wins.
Render-Blocking CSS
External CSS files block rendering until fully downloaded. Inlining critical CSS eliminates this bottleneck.
Image Optimization
Images are 50β70% of page weight. Lazy loading, WebP/AVIF, and srcset can cut page weight in half.
Image Dimensions (width/height)
Images without explicit dimensions cause layout shifts, directly worsening your CLS score.
Font Loading Strategy
Web fonts cause FOIT/FOUT. Preloading primary fonts and using font-display:swap minimizes text rendering delays.
CSS Bundle Size
Large CSS payloads (>200KB) increase parsing time. Over 500KB indicates serious CSS bloat.
JavaScript Bundle Size
JS is the most expensive resource. Code splitting and tree shaking keep the initial payload manageable.
Resource Hints
Preconnect, prefetch, and preload hints tell the browser to start downloads earlier, reducing perceived load time.
HTTP Version (HTTP/2 or HTTP/3)
HTTP/2 enables multiplexing; HTTP/3 adds zero round-trip handshakes. Sites on HTTP/1.1 suffer sequential loading.
CDN Detection
A CDN caches content at edge locations worldwide, reducing latency from seconds to milliseconds for distant users.
Compression (Brotli/gzip)
Response compression reduces transfer sizes by 60β80%. Brotli is ~15% more efficient than gzip for text resources.
Third-Party Scripts
Over 10 third-party scripts can add 2β5 seconds to page load. Auditing and deferring non-critical trackers is essential.
Cache-Control Headers
Proper max-age values let browsers store resources locally, eliminating redundant downloads on repeat visits.
Analytics Setup Quality
We evaluate GA4 presence, GTM configuration, and event tracking sophistication for data-driven optimization.
Long Task Script Detection
Scripts blocking the main thread for over 50ms cause visible jank and poor INP scores.
HTTPS Encryption
HTTPS encrypts all data between user and server. Without it, browsers display "Not Secure" warnings and Google demotes rankings.
Mixed Content
Loading HTTP resources on HTTPS pages breaks the chain of trust. Browsers may block these resources.
HSTS (Strict-Transport-Security)
HSTS forces browsers to always use HTTPS, preventing protocol downgrade attacks.
Content-Security-Policy (CSP)
CSP is the primary defense against XSS attacks. A missing CSP leaves your site vulnerable to injected malicious code.
CSP Strictness Score
We score strictness (0β100) based on directive count, nonces vs. unsafe-inline, and frame-ancestors.
Permissions-Policy Depth
Restricts browser APIs (camera, microphone, geolocation). Without it, malicious scripts could access sensitive device features.
X-Content-Type-Options
The nosniff directive prevents MIME-type sniffing, stopping content-type confusion attacks.
X-Frame-Options
Prevents clickjacking by blocking iframe embedding on malicious sites.
Referrer-Policy
Controls how much URL information leaks to external sites when users click links.
Cross-Origin Policies (COOP/CORP/COEP)
These headers isolate your page's browsing context, preventing Spectre side-channel data theft.
Outdated Library Detection
We detect jQuery <3.5, Angular <1.8, Bootstrap <5, and other libraries with known CVE vulnerabilities.
Cookie Security
Cookies without Secure, HttpOnly, and SameSite attributes are vulnerable to interception, XSS, and CSRF attacks.
Insecure Form Actions
Forms submitting to HTTP endpoints transmit data in plaintext, violating PCI-DSS and GDPR.
Subresource Integrity (SRI)
SRI hashes verify external scripts haven't been tampered with β a critical supply-chain defense.
External Link Security
Links with target="_blank" but missing rel="noopener noreferrer" enable tabnabbing attacks.
Privacy Policy & Cookie Consent
GDPR/CCPA regulations require visible privacy policies. Non-compliance can result in fines up to 4% of annual revenue.
Rate Limiting
Rate limiting headers indicate protection against brute-force attacks and credential stuffing.
Server/Technology Exposure
Headers exposing your tech stack give attackers a roadmap of known vulnerabilities.
Structured Data (Schema.org)
Structured data gives AI models explicit, machine-readable context. Without schema, AI must infer meaning from unstructured HTML.
AI Crawler Governance
We check 12+ AI crawlers (GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Amazonbot) in meta tags and robots.txt.
llms.txt File & Quality
llms.txt is an emerging standard that tells language models how to access and interpret your content.
RAG-Friendliness Score
RAG systems chunk content for vector embedding. ID attributes on headings allow precise chunk targeting.
Content Provenance Signals
Attributions like "according to [source]" make your claims verifiable and citation-worthy for AI.
Semantic HTML Elements
Semantic elements (article, section, aside, figure) provide structural meaning AI can parse without heuristics.
FAQ/Q&A Content Patterns
AI models are trained heavily on Q&A pairs. FAQ sections are the most extractable content format for AI citation.
Freshness Signals
AI models heavily weight content recency. dateModified metadata and <time> elements signal currency.
Social Links & Entity Signals
Social profiles help AI confirm your brand's entity identity in the Knowledge Graph.
HTML-to-Text Ratio
Pages with <10% text-to-HTML ratio are mostly markup. A 20β70% ratio indicates content-rich pages for AI.
JS Content Dependency
AI crawlers generally do not execute JavaScript. Server-side rendering ensures AI accesses your full content.
Content Depth (word count)
Thin pages (under 300 words) are rarely cited. Pages over 1,500 words are 3x more likely to appear in AI-generated responses.
Structured Q&A Content
FAQ and Q&A sections directly match the question-answer format of user queries β the highest-value content for AI citation.
Entity Markup Strength
Strong, em, and mark tags highlight key entities that AI uses for knowledge extraction.
E-E-A-T Schema Signals
Person, Article, Review, and Service schemas provide machine-readable E-E-A-T signals.
CTA Elements & Above-Fold CTA
Three or more CTAs with action-oriented text indicate an optimized conversion funnel.
Trust Signals & Social Proof
Testimonials, trust badges, and client logos build conversion confidence and reduce bounce rates.
Citation Readiness
Pages with 5+ external citations demonstrate research depth that AI models prefer to cite.
Statistics/Data Point Density
Content with concrete statistics reads as authoritative analysis rather than opinion.
Author/Expertise Signals
Visible author bylines with credentials signal content accountability for E-E-A-T scoring.
Speakable Schema
Tells voice assistants which page sections are suitable for text-to-speech in voice search results.
Value Proposition in Headings
Your H1 should clearly communicate what you offer, for whom, and why it matters.
Language Declaration (lang)
Without lang, screen readers may mispronounce every word on the page.
Skip Navigation Link
Allows keyboard users to bypass navigation menus and jump directly to content.
Semantic Landmarks
Screen readers use main, nav, and footer landmarks to let users jump between page sections.
Image Alt Text
Images without alt text are invisible to screen readers and provide no SEO value.
Form Labels
Unlabeled form inputs are unusable for screen reader users.
Focus Styles
Focus indicators are the only way keyboard users can see where they are on the page.
ARIA Implementation
ARIA attributes provide accessibility information for interactive elements beyond native HTML.
Button Labels
Buttons without text or aria-label are announced as just "button" with no context.
Color Contrast
WCAG requires 4.5:1 contrast for normal text, 3:1 for large text.
Video Captions
Videos without captions exclude deaf users and miss indexable text content.
CAPTCHA Accessibility
Visual CAPTCHAs without audio alternatives completely block blind users.
Duplicate IDs
Duplicate IDs break ARIA references and form label associations.
HTML Validity / Nesting Errors
Invalid HTML causes assistive technology parsing failures.
Tables with Headers, Iframes with Titles
Tables without <th> headers are unreadable by screen readers.
Question-Answer Patterns
Question-based H2/H3 headings with concise answers are the #1 content pattern cited in AI Overviews.
Data/Comparison Tables
Generative AI frequently cites tabular data for comparison queries. Tables provide structured, extractable information.
Content Depth (>1000 words)
Pages over 1,000 words with unique insights are 5x more likely to be cited by AI search engines.
List-Based Content
Numbered and bulleted lists are the second most-extracted content format by generative engines.
Hreflang (with self-ref & x-default)
Hreflang tags tell generative engines which language/region each page targets. Missing tags cause wrong-language content.
Statistics/Data Density
Pages with specific numbers and percentages are treated as more authoritative by generative engines.
Original Research Signals
Charts, figures, and data tables suggesting original research signal first-party data that AI cites preferentially.
Content Freshness
Stale content (over 1 year) is progressively deprioritized by generative engines.
Unique Insight Patterns
Phrases like "our research found" signal first-hand expertise that generative engines recognize as citation-worthy.
Viewport Meta Tag
Without viewport meta, mobile browsers render at desktop width making text unreadably small and buttons untappable.
Viewport Zoom Restriction
maximum-scale=1 prevents users from zooming, violating WCAG 1.4.4. Google penalizes zoom-restricted viewports.
Touch Target Size
Elements smaller than 44x44px cause accidental clicks and frustration on mobile devices.
Fixed-Width Elements
Fixed pixel widths over 800px cause horizontal scrolling on mobile β a severe usability failure.
Web App Manifest
The manifest enables PWA features: add-to-homescreen, app-like appearance, and splash screens.
PWA Install Readiness
Requires manifest + service worker + HTTPS for the PWA install prompt.
Manifest Icon Coverage
A manifest with fewer than 4 icon sizes means distorted icons on many devices.
Service Worker
Service workers enable offline capability, background sync, and push notifications.
Responsive Images (srcset)
Without srcset, mobile devices download full-resolution desktop images, wasting 40β70% bandwidth.
Popup/Interstitial Detection
Google penalizes intrusive mobile interstitials that block content access.
Touch Feedback
CSS :active states provide visual feedback when users tap, confirming their interaction registered.
Page Weight (Sustainability Proxy)
Pages over 3MB are heavy for mobile data. Under 1MB is lightweight and sustainable.
FAQPage Schema
FAQPage schema is the most direct path to expandable FAQ rich results in Google.
Featured Snippet Readiness
Position-zero snippets capture ~35% of all clicks. Question headings + 40β60 word answers are required.
Speakable Schema
Voice assistants use Speakable schema to identify sections suitable for text-to-speech.
HowTo Schema
Enables rich step-by-step results for instructional content β "how to" queries are among the most common.
Concise Answer Blocks
Paragraphs between 10β50 words that directly answer questions are targeted by the snippet algorithm.
Direct Answer Patterns
Definitional statements ("X is defined as...") are the #1 pattern extracted for knowledge panel answers.
Breadcrumb Schema
BreadcrumbList schema enables breadcrumb rich results that show your site hierarchy in SERPs.
Paragraph Length
Voice assistants prefer paragraphs under 30 words for readability.
Video Content + VideoObject Schema
Video results appear in ~25% of featured snippet positions. VideoObject schema enables video rich results.
Schema Presence
Zero structured data is the single largest penalty. Without any schema, search engines have no machine-readable understanding.
Tier 1 Schema Types
Organization, WebSite, Article, Product, FAQPage, BreadcrumbList, LocalBusiness deliver the highest SEO impact.
Tier 2 Schema Types
Person, HowTo, Service, Event, Review, AggregateRating extend rich result eligibility.
Property Completeness
An Organization with only a name is far less useful than one with address, phone, logo, and sameAs.
JSON-LD Format
Google recommends JSON-LD over Microdata and RDFa for easier implementation and maintenance.
Schema Validity
Invalid JSON-LD (parse errors, missing required fields) is silently ignored by search engines.
sameAs Entity Linking
sameAs links to Wikipedia, Wikidata, and social profiles help search engines disambiguate your brand entity.
SearchAction Schema
Enables the sitelinks search box in Google β a search field directly in your branded SERP listing.
BuyAction / SubscribeAction
Action schemas signal conversion intent, potentially enabling direct purchase rich results.
Rich Results Eligibility
We evaluate which rich results your schema qualifies for: FAQ dropdowns, star ratings, how-to steps, product cards.
Nested Schema Depth
Deeper nesting (author within Article, offers within Product) enables richer Knowledge Graph connections.
NAP (Name, Address, Phone)
NAP consistency is the #1 local ranking factor. Must match your Google Business Profile exactly.
LocalBusiness Schema
Provides Google with structured business data: name, address, phone, hours, geo coordinates.
Phone Number
A clickable tel: link is essential for mobile users and signals local business legitimacy.
Google Maps Embed
A map provides visual location confirmation and helps Google associate your site with a geographic point.
Address Microdata
PostalAddress schema makes your address machine-readable for accurate parsing.
Geo Meta Tags
geo.region, geo.placename, and geo.position meta tags declare your geographic target.
Opening Hours
Business hours are a top local ranking factor and appear prominently in local pack results.
Review/Rating Schema
AggregateRating displays star ratings in SERPs. Reviews are the #2 local ranking factor.
Service Area Schema
areaServed defines your service radius beyond your physical address location.
Reduced Motion Support
Users with vestibular disorders experience nausea from animations. @media prefers-reduced-motion is a WCAG 2.3.3 requirement.
High Contrast Mode
Users with low vision enable forced-colors mode. Websites must handle @media forced-colors to remain usable.
Link Distinguishability
WCAG 1.4.1 requires links to be distinguishable from text by more than just color.
Text Resize (rem/em)
WCAG 1.4.4 requires text resizable to 200% without content loss. Pixel font sizes don't scale.
Focus Not Obscured (WCAG 2.4.11)
Sticky headers and floating elements can cover the focus indicator, making navigation impossible.
Accessible Authentication (WCAG 3.3.8)
Login forms must support autocomplete and password managers, not demand cognitive tasks.
Dragging Alternatives (WCAG 2.5.7)
Drag-and-drop must have click/tap alternatives for users with motor impairments.
ARIA Live Regions
Dynamic updates are invisible to screen readers unless announced via aria-live regions.
Color Contrast Issues
WCAG 1.4.3 requires 4.5:1 contrast. Poor contrast affects 300 million color-blind users worldwide.
Cognitive Load Score
Auto-playing carousels and excessive animations increase cognitive burden for users with ADHD and autism.
Heading Level Skips
Skipping heading levels breaks screen reader navigation and content hierarchy.
ARIA Role Validity
Invalid ARIA roles are ignored by assistive technology, potentially breaking custom widget accessibility.
Autoplay Media
Autoplay violates WCAG 1.4.2 and is disorienting for cognitive disabilities and screen reader users.
Timing Adjustable
Users must be able to extend time limits on interactive content per WCAG 2.2.1.
Composite Scoring Algorithm
Each dimension starts at 100, loses points for each failing factor, and clamps to [0, 100]. The composite score is a weighted average reflecting 2026 priorities.
Letter Grade Scale
Impact / Effort Ratings
Every recommendation in the audit report includes an Impact/Effort rating to help you prioritize fixes:
Best Strategy: Start with High Impact / Low Effort fixes first (title tags, meta descriptions, missing headers). These deliver the biggest score improvements for the least work.
Methodology Note
All scores are computed deterministically from HTML source code, HTTP response headers, and robots.txt content. No external APIs, no AI inference, and no Lighthouse simulations are used. Core Web Vitals metrics (LCP, CLS, INP) are proxy estimates based on HTML structure analysis β for lab measurements, use Google PageSpeed Insights or Chrome DevTools.
Β© 2026 Digital Marketing Co. Β· digitalmarketingco.org Β· Scoring Guide v3.0